» burnaware76_free.exe
Overview
Analysis
File Details
Programs (1)
Downloads (10)

burnaware76_free.exe

BurnAware Free

Burnaware

The application burnaware76_free.exe, “BurnAware Free Installation ” by Burnaware has been detected as a potentially unwanted program by 6 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This file is typically installed with the program Toolwiz Time Freeze 2014 by ToolWiz. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.

File name:

Publisher:

Burnaware (signed by Burnaware)

Product:

BurnAware Free

Description:

BurnAware Free Installation

Version:

7.6.0.0

MD5:

7b43194cd66e3039b5b79cd14c20baba

SHA-1:

432236a42d578a8200d06cc1484a58e690930493

SHA-256:

be338b9ad63ffc56f1192ce8804ebf9aba5e107670f2f38779fe5d2b32d296ff

Scanner detections:

6 / 68

Status:

Potentially unwanted

Explanation:

Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:

11/23/2024 2:59:11 AM UTC (today)

Scan engine

Detection

Engine version

AVG

AdLoad.OpenCandy

2015.0.3292

Dr.Web

Adware.OpenCandy.39

9.0.1.0317

ESET NOD32

Win32/OpenCandy (variant)

8.10716

Fortinet FortiGate

Riskware/OpenCandy

11/13/2014

Reason Heuristics

PUP.OpenCandy.Installer (L)

16.12.1.23

VIPRE Antivirus

Trojan.Win32.Generic

34748

File size:

6.9 MB (7,244,992 bytes)

Product version:

7.6.0.0

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\burnaware76_free.exe

Digital Signature

Signed by:

Burnaware

Authority:

COMODO CA Limited

Valid from:

11/5/2014 1:00:00 AM

Valid to:

11/6/2019 12:59:59 AM

Subject:

CN=Burnaware, O=Burnaware, STREET=Krylatskie Kholmy 39-2, L=Moscow, S=Moscow, PostalCode=121614, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

34A57A0F0BF4B55CCD6F48728FA63980

File PE Metadata

Compilation timestamp:

7/9/2014 9:58:13 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:8mjMMN4F20t/hMIAuRzfqh0QPHvi40Xi60Ocx51V:8m+Q0hCIAuRzA0QvOF5cx5L

Entry address:

0x113BC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

63.5 KB (65,024 bytes)

The file burnaware76_free.exe has been discovered within the following program.

Toolwiz Time Freeze 2014 by ToolWiz

www.Toolwiz.com

About 1% of users remove it

The file burnaware76_free.exe has been seen being distributed by the following 10 URLs.

http://www.burnaware.com/.../burnaware_free.exe

http://software-files-a.cnet.com/s/software/13/92/32/.../burnaware_free.exe

http://down.filepuma.com/files/dvd-burners/.../BurnAware_Free_v7.6.exe

http://www.filepuma.com/down/1416346182c7421/burnaware_free_7.6/.../0/

http://www.filepuma.com/file/1416346182c7421/burnaware_free_7.6/.../0/

http://download.betanews.com/download/.../burnaware_free.exe

http://www.filepuma.com/file/1416057243c7421/burnaware_free_7.6/.../0/

http://www.softportal.com/getsoft-8256-burnaware-free-2.html

https://burnaware.cleverbridge.com/343/cookie?affiliate=3043&redirectto=http://www.burnaware.com/.../burnaware_free.exe

http://www.filepuma.com/file/1415889270c7421/burnaware_free_7.6/.../0/

Remove burnaware76_free.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.